明点软件 avatar 明点软件 committed 38daeb9

支持子账号登陆

Comments (0)

Files changed (9)

 grails-spring-security-taobao-*.zip
 
 *spring-security-taobao-*.zip
+
+target-eclipse/classes/BootStrap$_closure1.class
+target-eclipse/*
+syntax: regexp
+^Grails-spring-security-taobao-grailsPlugins\.iml$
+syntax: regexp
+^Grails-spring-security-taobao\.iml$

SpringSecurityTaobaoGrailsPlugin.groovy

 */
 class SpringSecurityTaobaoGrailsPlugin {
     // the plugin version
-    def version = "0.8.2"
+    def version = "1.0.0"
     // the version or versions of Grails the plugin is designed for
-    def grailsVersion = "2.0 > *"
+    def grailsVersion = "2.1 > *"
     // the other plugins this plugin depends on
     def dependsOn = [springSecurityCore: '1.2.7 > *']
     // resources that are excluded from plugin packaging
         SpringSecurityUtils.registerFilter 'taobaoAuthenticationFilter', SecurityFilterPosition.OPENID_FILTER
 
         taobaoAuthenticationProvider(TaobaoAuthenticationProvider) {
+			
             appSecretMap = conf.taobao.appSecretMap
             taobaoAuthenticationDao = ref('taobaoAuthenticationDao')
         }

application.properties

 #Grails Metadata file
-#Thu Feb 02 11:38:52 CST 2012
-app.grails.version=2.0.0
+#Thu Aug 16 00:01:18 CST 2012
+app.grails.version=2.1.0
 app.name=spring-security-taobao
-plugins.hibernate=2.0.0
-plugins.release=1.0.1
-plugins.spring-security-core=1.2.7
-plugins.tomcat=2.0.0
+plugins.hibernate=2.1.0
+plugins.release=2.0.4
+plugins.spring-security-core=1.2.7.3
+plugins.tomcat=2.1.0

grails-app/conf/BuildConfig.groovy

 grails.project.dependency.resolution = {
     // inherit Grails' default dependencies
     inherits("global") {
-        excludes 'commons-codec:commons-codec:1.4'
     }
     log "warn" // log level of Ivy resolver, either 'error', 'warn', 'info', 'debug' or 'verbose'
     repositories {
     dependencies {
         // specify dependencies here under either 'build', 'compile', 'runtime', 'test' or 'provided' scopes eg.
         // runtime 'mysql:mysql-connector-java:5.1.13'
-        runtime('commons-codec:commons-codec:1.5'){
-            transitive:false
-        }
     }
 }

grails-app/controllers/test/TestController.groovy

 package test
 
 
-class TestController {
-    def springSecurityService 
-    def concurrentSessionFilter
+class TestController {
+    def springSecurityService
+    def concurrentSessionFilter
     def index = { 
         def user = springSecurityService.currentUser
-        render 'user id: ' + user.id
+        render 'user id: '
     }
     
     def expire = {
     
     def p = {
         println concurrentSessionFilter
-    }
-}
+    }
+}
-<plugin name='spring-security-taobao' version='0.8.2' grailsVersion='2.0 &gt; *'>
+<plugin name='spring-security-taobao' version='1.0.0' grailsVersion='2.1 &gt; *'>
   <author>Simon Leung</author>
   <authorEmail>simon.r.leung@gmail.com</authorEmail>
   <title>Spring Security Taobao Plugin</title>
     <repository name='grailsCore' url='http://svn.codehaus.org/grails/trunk/grails-plugins' />
     <repository name='mavenCentral' url='http://repo1.maven.org/maven2/' />
   </repositories>
-  <dependencies>
-    <runtime>
-      <dependency group='commons-codec' name='commons-codec' version='1.5' />
-    </runtime>
-  </dependencies>
   <plugins />
   <runtimePluginRequirements>
-    <plugin name='springSecurityCore' version='1.2.7 &gt; *' />
+    <plugin name='springSecurityCore' version='1.2.7.3 &gt; *' />
   </runtimePluginRequirements>
   <behavior />
 </plugin>

src/groovy/test/TestTaobaoAuthenticationDao.groovy

 	}
 
 	public void create(TaobaoUser taobaoUser) {
-		print 'create taobao user'
+		print 'create taobao user: ' + taobaoUser.nick
 
 	}
 

src/java/com/mingidea/security/taobao/TaobaoAuthenticationProvider.java

 
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.BeansException;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.util.Assert;
 
-public class TaobaoAuthenticationProvider implements AuthenticationProvider, InitializingBean, ApplicationContextAware  {
+public class TaobaoAuthenticationProvider implements AuthenticationProvider, InitializingBean, ApplicationContextAware {
     private final static Logger log = LoggerFactory.getLogger(TaobaoAuthenticationProvider.class);
-    
+
     private ApplicationContext applicationContext;
-    
+
     private TaobaoAuthenticationDao taobaoAuthenticationDao;
-    
-    /** appKey to appSecret mapping */
+
+    /**
+     * appKey to appSecret mapping
+     */
     private Map<String, String> appSecretMap;
 
     @Override
         TaobaoAuthenticationToken token = (TaobaoAuthenticationToken) authentication;
         TaobaoCredentials credentials = (TaobaoCredentials) token.getCredentials();
         validateCredentials(credentials);
-        
+
         // 淘宝用户昵称
-        String nick = credentials.getVisitorNick();
+        String nick = null;
+        String subTaobaoUserNick = credentials.getSubTaobaoUserNick(); // 子账号
+        if (StringUtils.isNotBlank(subTaobaoUserNick)) {
+            nick = subTaobaoUserNick;
+        } else {
+            nick = credentials.getVisitorNick();
+        }
+
         String appKey = credentials.getAppKey();
         String session = credentials.getSession();
-        
+
         TaobaoUser taobaoUser = taobaoAuthenticationDao.find(nick, appKey);
-        if(taobaoUser == null) {
-        	log.debug("create taobao user {}", nick);
-        	taobaoUser = new TaobaoUser(nick, appKey, session);
-        	taobaoAuthenticationDao.create(taobaoUser);
-        	applicationContext.publishEvent(new TaobaoUserCreatedEvent(this, taobaoUser));
+        if (taobaoUser == null) {
+            log.debug("create taobao user {}", nick);
+            taobaoUser = new TaobaoUser(nick, appKey, session);
+            taobaoAuthenticationDao.create(taobaoUser);
+            applicationContext.publishEvent(new TaobaoUserCreatedEvent(this, taobaoUser));
         } else {
-        	if(taobaoUser.getSession() != session) {
-        		log.debug("update taobao user {} with session {}", nick, session);
-        		taobaoUser.setSession(session);
-        		taobaoAuthenticationDao.update(taobaoUser);
-        		applicationContext.publishEvent(new TaobaoUserUpdatedEvent(this, taobaoUser));
-        	}
+            if (taobaoUser.getSession() != session) {
+                log.debug("update taobao user {} with session {}", nick, session);
+                taobaoUser.setSession(session);
+                taobaoAuthenticationDao.update(taobaoUser);
+                applicationContext.publishEvent(new TaobaoUserUpdatedEvent(this, taobaoUser));
+            }
         }
-        
+
         UserDetails userDetails = taobaoAuthenticationDao.getPrincipal(taobaoUser);
-        
-        if(userDetails == null) {
+
+        if (userDetails == null) {
             throw new PrincipalNotFoundException("can not found principal for taobao user [" + nick + "]");
         } else {
-        	//remove credentials
-        	return new TaobaoAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+            //remove credentials
+            return new TaobaoAuthenticationToken(userDetails, null, userDetails.getAuthorities());
         }
     }
 
     /**
-     * 
      * @throws BadCredentialsException credentials is invalid
      */
     private void validateCredentials(TaobaoCredentials credentials) throws BadCredentialsException {
 
     /**
      * 签名规则为base64(md5(top_appkey+top_parameters+top_session+app_secret))
-     * 
+     *
      * @throws CredentialsExpiredException
      */
     private void validateSign(String appkey, String parameters, String session, String sign)
-        throws BadCredentialsException {
+            throws BadCredentialsException {
         String appSecret = this.appSecretMap.get(appkey);
         if (appSecret == null) {
             log.error("The corresponding App Secret can't be found. appKey: {}", appkey);
 
     /**
      * 请求时间不能和当前时间超过30分钟
-     * 
+     *
      * @param timestamp
      * @throws BadCredentialsException
      */
         long now = System.currentTimeMillis();
         if ((now - timestamp) > 1800000) { // 30分钟
             throw new CredentialsExpiredException(
-                "The difference between the request time and the server's time is too large");
+                    "The difference between the request time and the server's time is too large");
         }
     }
-    
+
     public void setTaobaoAuthenticationDao(TaobaoAuthenticationDao taobaoAuthenticationDao) {
-		this.taobaoAuthenticationDao = taobaoAuthenticationDao;
-	}
+        this.taobaoAuthenticationDao = taobaoAuthenticationDao;
+    }
 
-	public void setAppSecretMap(Map<String, String> appSecretMap) {
+    public void setAppSecretMap(Map<String, String> appSecretMap) {
         this.appSecretMap = appSecretMap;
     }
-	
-	@Override
+
+    @Override
     public boolean supports(Class<?> authentication) {
         return TaobaoAuthenticationToken.class.isAssignableFrom(authentication);
     }
 
-	@Override
-	public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-		this.applicationContext = applicationContext;
-	}
+    @Override
+    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
+        this.applicationContext = applicationContext;
+    }
 }

src/java/com/mingidea/security/taobao/TaobaoCredentials.java

 
 /**
  * 表示淘宝登陆的回调参数。
- * 参考:<a href="http://open.taobao.com/dev/index.php/%E7%94%A8%E6%88%B7%E9%AA%8C%E8%AF%81">TOP用户验证</a>
+ * 参考:
+ * <a href="http://open.taobao.com/doc/category_list.htm?id=199">用户授权介绍</a>
+ *
  * @author Simon Leung
  * @since 0.1
  */
     private String visitorId;
     private String visitorNick;
     private String visitorRole;
+
+    private int expiresIn;
+    private int r1ExpiresIn;
+    private int r2ExpiresIn;
+    private int w1ExpiresIn;
+    private int w2ExpiresIn;
+    private int reExpiresIn;
+
+    private String refreshToken;
+    private String subTaobaoUserId;
+    private String subTaobaoUserNick;
     
     private TaobaoCredentials() {
         //Can not be instantiated directly,use #build()
             credentials.visitorId = parameterMap.get("visitor_id");
             credentials.visitorNick = parameterMap.get("visitor_nick");
             credentials.visitorRole = parameterMap.get("visitor_role");
+
+            credentials.expiresIn = Integer.parseInt(parameterMap.get("expires_in"));
+            credentials.r1ExpiresIn = Integer.parseInt(parameterMap.get("r1_expires_in"));
+            credentials.r2ExpiresIn = Integer.parseInt(parameterMap.get("r2_expires_in"));
+            credentials.w1ExpiresIn = Integer.parseInt(parameterMap.get("w1_expires_in"));
+            credentials.w2ExpiresIn = Integer.parseInt(parameterMap.get("w2_expires_in"));
+            credentials.reExpiresIn = Integer.parseInt(parameterMap.get("re_expires_in"));
+
+            credentials.refreshToken = parameterMap.get("refresh_token");
+            credentials.subTaobaoUserId = parameterMap.get("sub_taobao_user_id");
+            credentials.subTaobaoUserNick = parameterMap.get("sub_taobao_user_nick");
         }
    
         return credentials;
     public String getVisitorRole() {
         return visitorRole;
     }
+
+    public int getR1ExpiresIn() {
+        return r1ExpiresIn;
+    }
+
+    public int getR2ExpiresIn() {
+        return r2ExpiresIn;
+    }
+
+    public int getW1ExpiresIn() {
+        return w1ExpiresIn;
+    }
+
+    public int getW2ExpiresIn() {
+        return w2ExpiresIn;
+    }
+
+    public int getReExpiresIn() {
+        return reExpiresIn;
+    }
+
+    public String getRefreshToken() {
+        return refreshToken;
+    }
+
+    public String getSubTaobaoUserId() {
+        return subTaobaoUserId;
+    }
+
+    public String getSubTaobaoUserNick() {
+        return subTaobaoUserNick;
+    }
+
+    public int getExpiresIn() {
+        return expiresIn;
+    }
 }
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.